| OLD | NEW |
|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/chromeos/login/lock/screen_locker.h" | 5 #include "chrome/browser/chromeos/login/lock/screen_locker.h" |
| 6 | 6 |
| 7 #include <string> | 7 #include <string> |
| 8 #include <vector> | 8 #include <vector> |
| 9 | 9 |
| 10 #include "ash/login/ui/lock_screen.h" | 10 #include "ash/login/ui/lock_screen.h" |
| (...skipping 12 matching lines...) Expand all Loading... |
| 23 #include "base/message_loop/message_loop.h" | 23 #include "base/message_loop/message_loop.h" |
| 24 #include "base/metrics/histogram_macros.h" | 24 #include "base/metrics/histogram_macros.h" |
| 25 #include "base/metrics/user_metrics.h" | 25 #include "base/metrics/user_metrics.h" |
| 26 #include "base/single_thread_task_runner.h" | 26 #include "base/single_thread_task_runner.h" |
| 27 #include "base/strings/string_number_conversions.h" | 27 #include "base/strings/string_number_conversions.h" |
| 28 #include "base/strings/string_util.h" | 28 #include "base/strings/string_util.h" |
| 29 #include "base/threading/thread_task_runner_handle.h" | 29 #include "base/threading/thread_task_runner_handle.h" |
| 30 #include "chrome/browser/chrome_notification_types.h" | 30 #include "chrome/browser/chrome_notification_types.h" |
| 31 #include "chrome/browser/chromeos/accessibility/accessibility_manager.h" | 31 #include "chrome/browser/chromeos/accessibility/accessibility_manager.h" |
| 32 #include "chrome/browser/chromeos/login/lock/webui_screen_locker.h" | 32 #include "chrome/browser/chromeos/login/lock/webui_screen_locker.h" |
| 33 #include "chrome/browser/chromeos/login/quick_unlock/fingerprint_storage.h" |
| 34 #include "chrome/browser/chromeos/login/quick_unlock/pin_backend.h" |
| 33 #include "chrome/browser/chromeos/login/quick_unlock/quick_unlock_factory.h" | 35 #include "chrome/browser/chromeos/login/quick_unlock/quick_unlock_factory.h" |
| 34 #include "chrome/browser/chromeos/login/quick_unlock/quick_unlock_storage.h" | 36 #include "chrome/browser/chromeos/login/quick_unlock/quick_unlock_storage.h" |
| 35 #include "chrome/browser/chromeos/login/session/user_session_manager.h" | 37 #include "chrome/browser/chromeos/login/session/user_session_manager.h" |
| 36 #include "chrome/browser/chromeos/login/supervised/supervised_user_authenticatio
n.h" | 38 #include "chrome/browser/chromeos/login/supervised/supervised_user_authenticatio
n.h" |
| 37 #include "chrome/browser/chromeos/login/ui/user_adding_screen.h" | 39 #include "chrome/browser/chromeos/login/ui/user_adding_screen.h" |
| 38 #include "chrome/browser/chromeos/login/users/chrome_user_manager.h" | 40 #include "chrome/browser/chromeos/login/users/chrome_user_manager.h" |
| 39 #include "chrome/browser/chromeos/login/users/supervised_user_manager.h" | 41 #include "chrome/browser/chromeos/login/users/supervised_user_manager.h" |
| 40 #include "chrome/browser/lifetime/application_lifetime.h" | 42 #include "chrome/browser/lifetime/application_lifetime.h" |
| 41 #include "chrome/browser/signin/easy_unlock_service.h" | 43 #include "chrome/browser/signin/easy_unlock_service.h" |
| 42 #include "chrome/browser/signin/signin_manager_factory.h" | 44 #include "chrome/browser/signin/signin_manager_factory.h" |
| (...skipping 276 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 319 user_context.GetAccountId()); | 321 user_context.GetAccountId()); |
| 320 } | 322 } |
| 321 | 323 |
| 322 // Reset the number of PIN attempts available to the user. We always do this | 324 // Reset the number of PIN attempts available to the user. We always do this |
| 323 // because: | 325 // because: |
| 324 // 1. If the user signed in with a PIN, that means they should be able to | 326 // 1. If the user signed in with a PIN, that means they should be able to |
| 325 // continue signing in with a PIN. | 327 // continue signing in with a PIN. |
| 326 // 2. If the user signed in with cryptohome keys, then the PIN timeout is | 328 // 2. If the user signed in with cryptohome keys, then the PIN timeout is |
| 327 // going to be reset as well, so it is safe to reset the unlock attempt | 329 // going to be reset as well, so it is safe to reset the unlock attempt |
| 328 // count. | 330 // count. |
| 331 quick_unlock::PinBackend::NotifyAuthentication(user_context.GetAccountId()); |
| 329 quick_unlock::QuickUnlockStorage* quick_unlock_storage = | 332 quick_unlock::QuickUnlockStorage* quick_unlock_storage = |
| 330 quick_unlock::QuickUnlockFactory::GetForUser(user); | 333 quick_unlock::QuickUnlockFactory::GetForUser(user); |
| 331 if (quick_unlock_storage) { | 334 if (quick_unlock_storage) { |
| 332 quick_unlock_storage->pin_storage()->ResetUnlockAttemptCount(); | |
| 333 quick_unlock_storage->fingerprint_storage()->ResetUnlockAttemptCount(); | 335 quick_unlock_storage->fingerprint_storage()->ResetUnlockAttemptCount(); |
| 334 } | 336 } |
| 335 | 337 |
| 336 UserSessionManager::GetInstance()->UpdateEasyUnlockKeys(user_context); | 338 UserSessionManager::GetInstance()->UpdateEasyUnlockKeys(user_context); |
| 337 } else { | 339 } else { |
| 338 NOTREACHED() << "Logged in user not found."; | 340 NOTREACHED() << "Logged in user not found."; |
| 339 } | 341 } |
| 340 | 342 |
| 341 authentication_capture_.reset(new AuthenticationParametersCapture()); | 343 authentication_capture_.reset(new AuthenticationParametersCapture()); |
| 342 authentication_capture_->user_context = user_context; | 344 authentication_capture_->user_context = user_context; |
| (...skipping 47 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 390 if (user) { | 392 if (user) { |
| 391 // Check to see if the user submitted a PIN and it is valid. | 393 // Check to see if the user submitted a PIN and it is valid. |
| 392 const std::string pin = user_context.GetKey()->GetSecret(); | 394 const std::string pin = user_context.GetKey()->GetSecret(); |
| 393 | 395 |
| 394 // We only want to try authenticating the pin if it is a number, | 396 // We only want to try authenticating the pin if it is a number, |
| 395 // otherwise we will timeout PIN if the user enters their account password | 397 // otherwise we will timeout PIN if the user enters their account password |
| 396 // incorrectly more than a few times. | 398 // incorrectly more than a few times. |
| 397 int dummy_value; | 399 int dummy_value; |
| 398 if (unlock_attempt_type_ == AUTH_PIN && | 400 if (unlock_attempt_type_ == AUTH_PIN && |
| 399 base::StringToInt(pin, &dummy_value)) { | 401 base::StringToInt(pin, &dummy_value)) { |
| 400 quick_unlock::QuickUnlockStorage* quick_unlock_storage = | 402 quick_unlock::PinBackend::TryAuthenticate( |
| 401 quick_unlock::QuickUnlockFactory::GetForUser(user); | 403 user_context.GetAccountId(), pin, |
| 402 if (quick_unlock_storage && | 404 base::Bind(&ScreenLocker::OnPinAttemptDone, |
| 403 quick_unlock_storage->TryAuthenticatePin(pin)) { | 405 weak_factory_.GetWeakPtr(), user_context)); |
| 404 OnAuthSuccess(user_context); | 406 return; |
| 405 return; | |
| 406 } | |
| 407 } | 407 } |
| 408 } |
| 408 | 409 |
| 410 ContinueAuthenticate(user_context); |
| 411 } |
| 412 |
| 413 void ScreenLocker::OnPinAttemptDone(const UserContext& user_context, |
| 414 bool success) { |
| 415 if (success) |
| 416 OnAuthSuccess(user_context); |
| 417 else |
| 418 ContinueAuthenticate(user_context); |
| 419 } |
| 420 |
| 421 void ScreenLocker::ContinueAuthenticate( |
| 422 const chromeos::UserContext& user_context) { |
| 423 const user_manager::User* user = FindUnlockUser(user_context.GetAccountId()); |
| 424 if (user) { |
| 409 // Special case: supervised users. Use special authenticator. | 425 // Special case: supervised users. Use special authenticator. |
| 410 if (user->GetType() == user_manager::USER_TYPE_SUPERVISED) { | 426 if (user->GetType() == user_manager::USER_TYPE_SUPERVISED) { |
| 411 UserContext updated_context = ChromeUserManager::Get() | 427 UserContext updated_context = ChromeUserManager::Get() |
| 412 ->GetSupervisedUserManager() | 428 ->GetSupervisedUserManager() |
| 413 ->GetAuthentication() | 429 ->GetAuthentication() |
| 414 ->TransformKey(user_context); | 430 ->TransformKey(user_context); |
| 415 BrowserThread::PostTask( | 431 BrowserThread::PostTask( |
| 416 BrowserThread::UI, FROM_HERE, | 432 BrowserThread::UI, FROM_HERE, |
| 417 base::Bind(&ExtendedAuthenticator::AuthenticateToCheck, | 433 base::Bind(&ExtendedAuthenticator::AuthenticateToCheck, |
| 418 extended_authenticator_.get(), updated_context, | 434 extended_authenticator_.get(), updated_context, |
| (...skipping 299 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 718 } | 734 } |
| 719 } | 735 } |
| 720 | 736 |
| 721 if (auth_status_consumer_) { | 737 if (auth_status_consumer_) { |
| 722 AuthFailure failure(AuthFailure::UNLOCK_FAILED); | 738 AuthFailure failure(AuthFailure::UNLOCK_FAILED); |
| 723 auth_status_consumer_->OnAuthFailure(failure); | 739 auth_status_consumer_->OnAuthFailure(failure); |
| 724 } | 740 } |
| 725 } | 741 } |
| 726 | 742 |
| 727 } // namespace chromeos | 743 } // namespace chromeos |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2809993004:
cros: Implement cryptohome backend for pin.
